Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:33 p.m.9 views

CVE-2022-39288

fastify is a fast and low overhead web framework, for Node.js. Affected versions of fastify are subject to a denial of service via malicious use of the Content-Type header. An attacker can send an invalid Content-Type header that can cause the application to crash. This issue has been addressed i...

7.5CVSS6.6AI score0.59244EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/10/11 1:45 p.m.6 views

03-api-solid (>=1.0.0 <=1.1.2), 0uth (>=1.0.5 <=1.2.1) +2535 more potentially affected by CVE-2022-39288 via fastify (>=4.0.2 <=4.7.0)

fastify NPM version =4.0.2, =1.0.0, =1.0.5, =1.0.3, =0.0.3, =1.0.0, =3.0.0, =0.1.0, =2.0.0, =3.0.0, =0.0.1, =0.1.0, =2.0.0, =1.0.1, =1.0.6 and more Source cves: CVE-2022-39288 Source advisory: OSV:GHSA-455W-C45V-86RG...

7.5CVSS7AI score0.59244EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/10 12:0 a.m.5 views

CVE-2022-39288 Denial of service in Fastify via Content-Type header

fastify is a fast and low overhead web framework, for Node.js. Affected versions of fastify are subject to a denial of service via malicious use of the Content-Type header. An attacker can send an invalid Content-Type header that can cause the application to crash. This issue has been addressed i...

7.5CVSS7.4AI score0.59244EPSS
Exploits0References3
CVE
CVE
added 2022/10/10 12:0 a.m.70 views

CVE-2022-39288

CVE-2022-39288 affects the Fastify web framework for Node.js. The vulnerability arises in older Fastify versions (prior to 4.8.1) where a malicious Content-Type header can trigger a denial of service (application crash). The issue is addressed in commit fbb07e8d and the fix is planned for release...

7.5CVSS7.3AI score0.59244EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder